1 to 25 of 71 OWASP Jobs in the UK

reliable software delivery. 5. Security & Compliance Integration (DevSecOps) • Embedding security into every phase of the DevOps lifecycle. • Familiarity with tools like SonarQube, Snyk, and OWASP practices. • Ensures secure code, infrastructure, and data handling. Core Experience Requirements for a DevOps SME: • Years of Experience: Typically, 5–10+ years in DevOps, systems ...

segmentation, and host security. Hands on experience with the following security products Trellix, Ivanti, ClearSwift, Yubikey Understanding of secure coding practices and common vulnerabilities (OWASP Top 10, SANS Top 25). Expertise in identity and access management (IAM), including RBAC, ABAC, JWT and Cookie based authentication. Incident detection and response ...

have: Knowledge of platform engineering patterns (g. sidecar architecture, secure base images, technical contracts). Familiarity with accessibility and security testing standards (g. OWASP, WCAG). Benefits Alongside your salary, DBT contributes £17,991 towards you being a member of the Civil Service Defined Benefit Pension scheme. Learning and development ...

have: Knowledge of platform engineering patterns (g. sidecar architecture, secure base images, technical contracts). Familiarity with accessibility and security testing standards (g. OWASP, WCAG). Benefits Alongside your salary, DBT contributes £17,991 towards you being a member of the Civil Service Defined Benefit Pension scheme. Learning and development ...

have: Knowledge of platform engineering patterns (g. sidecar architecture, secure base images, technical contracts). Familiarity with accessibility and security testing standards (g. OWASP, WCAG). Benefits Alongside your salary, DBT contributes £17,991 towards you being a member of the Civil Service Defined Benefit Pension scheme. Learning and development ...

have: Knowledge of platform engineering patterns (g. sidecar architecture, secure base images, technical contracts). Familiarity with accessibility and security testing standards (g. OWASP, WCAG). Benefits Alongside your salary, DBT contributes £17,991 towards you being a member of the Civil Service Defined Benefit Pension scheme. Learning and development ...

have: Knowledge of platform engineering patterns (g. sidecar architecture, secure base images, technical contracts). Familiarity with accessibility and security testing standards (g. OWASP, WCAG). Benefits Alongside your salary, DBT contributes £17,991 towards you being a member of the Civil Service Defined Benefit Pension scheme. Learning and development ...

have: Knowledge of platform engineering patterns (g. sidecar architecture, secure base images, technical contracts). Familiarity with accessibility and security testing standards (g. OWASP, WCAG). Benefits Alongside your salary, DBT contributes £17,991 towards you being a member of the Civil Service Defined Benefit Pension scheme. Learning and development ...

/CD, Docker , containerisation, Ubuntu/Linux, AWS , Serverless, CDK/CDKTF , Ansible Quality & Analytics: Postman API, testing frameworks, web analytics Patterns: Secure SDLC, OWASP Top 10 , TDD , Git-based workflows Must-have experience Proven delivery of full-stack web applications (frontend + backend + API) from design to production ...

hardware hacking (JTAG, FPGA, USB). Experience with security testing tools: Kali Linux, Nessus, Metasploit, BurpSuite, Wireshark, etc. Familiarity with secure coding practices (OWASP), SDLC, and security frameworks (ISO 2700x, NIST). Understanding of medical device regulations and quality system requirements. Agile/Digital Experience Passion for Agile processes, data ...

Secure architecture design and secure-by-design principles Risk assessment, threat modelling, and vulnerability management Security frameworks: ISO 27001, NIST 800-30/53, OWASP Cloud security architecture (AWS, Azure, GCP) Incident response, penetration testing, and remediation concepts Persuasive communication skills across technical and non-technical stakeholders Excellent analytical, documentation ...

incident response frameworks (e.g. NIST, SANS) Experience with cloud-native logging, monitoring, and detection tools Strong understanding of modern threat landscapes and frameworks (e.g. OWASP Top 10, MITRE ...

systems and TCP/IP networking protocols Proven ability to perform source code reviews and application security analysis Advanced understanding of web application vulnerabilities (OWASP Top 10) and mitigation strategies Excellent report writing and executive communication skills—ability to translate technical findings into business risk Ability to work autonomously ...

Jenkins, AWS CodePipeline, GitLab CI, or GitHub Actions Solid understanding of relational and NoSQL databases (e.g., PostgreSQL, MongoDB) Knowledge of security best practices (e.g. OWASP) and performance optimization Excellent leadership, communication, time management and mentoring skills, with the ability to influence technical direction Preferred Skills Experience in fintech, payments ...

Terraform) Containerisation (Docker, AKS) and serverless (Azure Functions) Monitoring and observability (Application Insights, Log Analytics) Secrets management and vulnerability scanning (Key Vault, SonarQube, OWASP) Microservices and event-driven design (Service Bus, Event Grid, Kafka) Domain-Driven Design (DDD) principles Overall experience: 8+ years in software engineering, with deep full-stack ...

Azure DevOps Cloud Security & Governance Applications & Platforms .NET Framework/.NET Core Microsoft Dynamics SQL Server SSRS M365 Apps Exchange SharePoint IIS Apache Security OWASP Firewalls ISO27001 Azure Security Benchmark Microsoft Defender zScaler CASB technologies Networking Enterprise switching & routing MPLS ExpressRoute Azure Front Door Routing protocols Firewalls Infrastructure VMware Windows ...

design and distributed systems Knowledge of modern engineering practices, including CI/CD and DevSecOps Understanding of secure development practices such as OWASP Top 10 Experience with testing methodologies such as TDD or BDD Bonus experience: PostgreSQL or NoSQL databases Large-scale platform migrations or re-architecture initiatives Experience ...

experience as an IT Security Architect or secure systems engineer in complex cloud environments, creating technical designs for Azure security architecture, application security (e.g., OWASP, DevSecOps), and network segmentation. Strong knowledge of Azure-specific security tools (e.g., Azure Security Center, Key Vault, Policy, Private Link), threat modelling, secure SDLC ...

vulnerabilities) Hardware security and hacking (JTAG, FPGA, USB, etc.) Proficiency with security tools (Kali Linux, Nessus, InsightVM, Metasploit, Burp Suite, Wireshark, NetSparker) Secure coding (OWASP), MITRE/SANS Top 25, SSDLC, static code analysis Security Frameworks (ISO 2700x, NIST Special Publications) Cloud development and cloud security testing Knowledge of medical ...

GitLab), Docker; Kubernetes fundamentals; IaC awareness. Software Engineering Fundamentals: DDD concepts, SOLID, testing (unit/integration), performance profiling, and security basics (OAuth2/JWT, OWASP Top 10). Non-Mandatory (Nice-to-Have) MongoDB (schema design, indexes, aggregation). Messaging systems: RabbitMQ, GCP Pub/Sub, or SQS/SNS. ...

programme through advice and training. Develop reports to track security progress and highlight gaps. Required Skills & Qualifications: In-depth knowledge of web application security (OWASP Top 10) and experience with SCA, SAST, and DAST tools. A degree in Computer Science, Information Security, or a related discipline (STEM preferred) or demonstrable ...

Proven, hands-on experience working specifically in Application Security, Penetration Testing, or as a Security-Focused Software Engineer. Vulnerability Expertise : Absolute fluency in the OWASP Top 10. You must be able to explain how vulnerabilities work, how they are exploited, and exactly how to remediate them. Developer Collaboration : Demonstrable experience ...

Clearance (must be willing to pursue DV Clearance ) Industry specific qualifications Proven hands-on penetration testing experience Strong understanding of testing frameworks such as OWASP Knowledge of Cyber Security standards including ISO 27001, CIS and PCI DSS Experience working with Linux and Windows environments Exposure to cloud platforms such ...

Azure Key Vault for secure secret management across environments Writing and maintaining unit and integration tests (NUnit and ViTest) Ensuring all development aligns with OWASP secure coding standards Contributing to CI/CD pipeline improvements and secure deployment practices Participating in architecture and technical design reviews Collaborating with UI/ ...

experience with cloud-native environments—preferably GCP and Azure. Skilled in performance optimisation techniques. Deep understanding of web and mobile security best practices, including OWASP guidelines, secure authentication and authorisation. Experience with containerisation and infrastructure tools such as Docker, Kubernetes, Helm, and Terraform. Familiarity with mobile frameworks such as Ionic ...